Iran's first nuclear power plant has suffered a serious cyber-intrusion from a sophisticated worm that infected workers' computers, and potentially plant systems. (Source: AP)

The worm has spread to over 10,000 computers in Indonesia. Computers in the U.S. have also been infected. (Source: Digitrain)

Attack has since spread to plants and computers in the U.S. and elsewhere, posing serious threat

It's
been only a month since the activation
of Iran's first nuclear power plant and there's already a
major crisis concerning proliferation. But this crisis has
nothing to do with nuclear arms proliferation. Rather, the
scare has to do with the proliferation of the Stuxnet worm, a
malicious computer program that has invaded the plant's computers and
since spread to computers worldwide.

The viral program is very
sophisticated and appears designed specifically to attack the plant.
It first was released onto workers' computers, designed to try to
reach plant's control systems. Unlike other more sophisticated
attacks which appeared to be primarily
geared for monitoring, this attack was designed to do damage.
It contained logic to sabotage nuclear fuel enrichment centrifuges.
The centrifuges, made by German equipment electronics giant Siemens,
would be made to fail in a virtually unnoticeable way.

The
Bushehr plant is located near Natanz, central-Iranian city located
almost 200 miles south of the capital city of Tehran. The plant
is a joint endeavor between Iran and Russia. While the U.S. and
others have chastised Russia for its involvement, the U.S.
intelligence community has asserted that it doesn't believe Iran to
be currently developing nuclear weapons at the facility.

Mahmoud
Jafari, project manager at the Bushehr nuclear plant is quoted in The
Telegraph,
a UK newspaper, as stating that the viral worm never achieved its
goal. Comments Mr. Jafari, "[It] has not caused any damage
to major systems of the plant."

But according
to international whistle-blower site Wikileaks,
a serious nuclear accident occurred at the plant sometime before
mid-June. The site's founder, Julian Assange, wrote:

Two
weeks ago, a source associated with Iran's nuclear program
confidentially told WikiLeaks of a serious, recent, nuclear accident
at Natanz. Natanz is the primary location of Iran's nuclear
enrichment program.

WikiLeaks
had reason to believe the source was credible however contact with
this source was lost.

WikiLeaks
would not normally mention such an incident without additional
confirmation, however according to Iranian media and the BBC, today
the head of Iran's Atomic Energy Organization, Gholam Reza Aghazadeh,
has resigned under mysterious circumstances. According to these
reports, the resignation was tendered around 20 days ago.

Inspectors
examined the claims, but found no distinguishable traces of an
accident.

A time stamp on the virus reveals that it was made
in January. What is equally remarkable to its sophistication in
terms of attack behavior is the lack of sophistication when it comes
to the worm's proliferation.

If it had constrained
its infections to Bushehr, it would likely not have been noticed for
some time. Instead, the worm was extremely aggressive in its
infection vectors, spreading to fifteen other Siemens plants, and
tens of thousands of non-plant computers worldwide. In Iran
60,000 computers are infected. In Indonesia, 10,000 machines
are infected. And in the United States thousands of computers
are believed to be infected as well.

That creates a dangerous
situation, as numerous parties, including international governments
and black-hat hackers, are racing to reverse-engineer the code and
exploit the infected machines. The infected machines may not
only compromise personal details, but may compromise industrial
infrastructure in Iran, Indonesia, India (another infection site),
and the U.S.

Melissa
Hathaway, a former United States national cybersecurity
coordinator, comments, "Proliferation is a real problem, and no
country is prepared to deal with it. All of these guys are
scared to death. We have about 90 days to fix this before some hacker
begins using it."

So who is behind the attacks? The
New York Timesquotes a
former U.S. intelligence office as saying that the attack was the
work of Israel’s equivalent of America’s National Security
Agency, known as Unit 8200. According to IEEE
Spectrum's December
issue, Israel had previously used a cyber-attack to shut off radar
systems in Syria, allowing it to evaluate what it believed to be an
under-construction nuclear reactor.

Regardless of who
perpetrated the attack, the primary issue now is stamping it out,
before it can be used for even more nefarious purposes. Early
reports were unclear about the transmission vector, but suggested it
may be spreading via USB sticks and other removable media.

Comments

Threshold

Username

Password

remember me

This article is over a month old, voting and posting comments is disabled

So let them prove it. By refusing to prove it, they open themselves to doubt. Personally, I don't trust a country run by a madman who has publicly stated that he wants to wipe an entire people off the face of the Earth.

All thier Nuclear materials are being monitored, and none has gone missing - so with what do you think they are building their Bomb?So far no evidence of an Iranian Nuclear weapons program has been published, only accusations. If you can point me to credible evidence I would be very interested.